View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0022156||mantisbt||ldap||public||2017-01-10 11:10||2017-01-31 04:05|
|Status||closed||Resolution||no change required|
|Summary||0022156: Password are stored in PLAIN TEXT|
We have on MySQL, user inserted directly from Mantis & user from LDAP
I'm using this configuration :
When I convert a password in database from PLAIN_TEXT to MD5, user can login but password is updated as PLAIN_TEXT
|Tags||No tags attached.|
MULTI_AUTH is no standard MantisBT login method and there is no option $g_multi_auth_pref .
You are dealing with problems you introduced by changing the original source.
With regards to LDAP password in MD5, see also 0012957
thanks both of you
This customization was made because of some user was not found via LDAP and an old admin bypass it with a manual user creation... I'm just try to deal with the historical configuration
this is not a bug or feature request for MantisBT (you are asking for help on how to deal with problems that you introduced by changing original source). That's why we are resolving such issues as "no change required".
Please use the forums to get support on customizing and using MantisBT (refer to http://www.mantisbt.org/support.php for links and further details).
Change $g_login_method = MULTI_AUTH; to $g_login_method = LDAP;
UPDATE mantis_user_table SET password= '';
Next authentifaction will update the password's field with the ldap's credential and it will be crypted
May be useful for the community
Thanks for the feedback !